Innotec #100 | LED Lighting and Technology Manufacturer Targeted by ALPHV Ransomware Group

Company Overview

Innotec, a leading LED lighting and counterweight manufacturer, has been targeted by the ALPHV ransomware group, as reported on the dark web leak site. The company, which operates in the manufacturing sector, has a website at http://www.innotecgroup.com/.

Innotec is known for its commitment to innovation and sustainability. The company has developed numerous patents and trade secrets over the last 30 years, focusing on industrial LED lighting, headrest stays, and metal forming, as well as counterweights. Innotec is dedicated to promoting sustainability by producing PCB-free LED lighting and recycled-material counterweights, minimizing its environmental impact and providing customers with more sustainable and cost-effective solutions.

Vulnerabilities and Targeting

The ALPHV ransomware group, also known as BlackCat, has been observed targeting various organizations worldwide since November 18, 2021. ALPHV is written in the Rust programming language and supports execution on Windows, Linux-based operating systems, and VMWare ESXi. The group can encrypt files using either the AES or ChaCha20 algorithms and can delete volume shadow copies, stop processes and services, and stop virtual machines on ESXi servers to maximize the amount of ransomed data.

Mitigation and Response

In the wake of this attack, it is crucial for Innotec and other organizations to implement robust cybersecurity measures to protect against ransomware attacks. This includes regular software updates, employee training, and the use of multi-factor authentication (MFA) to prevent unauthorized access. Additionally, organizations should consider implementing defense-in-depth strategies, such as automated moving target defense (AMTD), to deter and delay attackers.

Sources

• Ransomware Posts - GitHub Pages: https://github.com
• Groups profiles - RansomLook
• cybersecurity--q3-2023.pdf - Houlihan Lokey: https://www.hl.com